Author: Jagdish Kumar, India
Russia-based cybersecurity and antivirus provider Kaspersky Lab has said that a new crypto miner, PowerGhost, is targeting corporates in India.
A new cryptocurrency miner, dubbed PowerGhost, is targeting corporate networks in India and several other regions in the world, according to new research from Russia-based cyber-security company Kaspersky Lab.
PowerGhost uses multiple fileless techniques to discreetly gain a foothold in corporate networks. The miner does not store its body directly on disk, which makes it harder to detect and remediate, according to the study published on Securelist, the online headquarters of Kaspersky Lab security experts.
The main victims of this attack so far have been corporate users in India, Brazil, Colombia and Turkey, it added.
Cryptocurrency mining software creates new coins by using the computing power of victims' PCs and mobile devices.
The threat from cryptocurrency mining software has skyrocketed in recent times, replacing ransomware as the main type of malicious software, as previous Kaspersky Lab research had shown.
As this trend grows, enterprises will be put at risk, as miners sabotage and slow down their computer networks, damaging overall business processes while lining their operators' pockets.
However, the emergence of PowerGhost adds a new dimension to the trend. It demonstrates that malicious miner developers are shifting to targeted attacks to make more money.
PowerGhost is distributed within corporate networks, infecting both workstations and servers, the study said.
The new ghost software takes control of your files and even remains undetected by antivirus solutions. The target machine is infected remotely using exploits or remote administration tools, the lab said.
Speaking on this, malware analyst at Kaspersky Lab Vladas Bulavas said that PowerGhost attacks on businesses for the purpose of installing miners raise new concerns about crypto mining software. After targeting users, cyber criminals are now turning their attention to enterprises too.
The company also advises users to keep all software on all devices updated. Queue management systems, POS terminals, and even vending machines can also be hijacked to mine cryptocurrency, the lab stressed.